Abstract: Knowledge about a network protocol to understand the communication between entities is necessary for vulnerability research, penetration testing, malware analysis, network reconnaissance, and network modeling. Traffic analysis is one approach to infer a protocol. This approach shares common challenges, tasks, methods, and solutions. In this survey, we collect tools proposed by previous work in the research field of protocol reverse engineering by static traffic trace analysis. We dissect each tool to discern the individual mechanisms and the algorithms they are based on. Thereby, we categorize and contrast these mechanisms and algorithms that are used in static traffic trace analysis to discuss how successfully they were applied in each case. We compared classification schemes for protocol reverse engineering to structure our discussion about the tools. We present and discuss an explicit process model for static traffic trace analysis revealing the common structure of the decomposed tools and frameworks from previous research. By discussions about the algorithms applied within each tool for each process task, we show relations between tools, methods, and the process. We validate our model by applying it to each of the tools, followed by an outline of the utility of protocol reverse engineering. Starting out from the process description, we deduce which solutions and algorithms have already been investigated and where challenges remain so that novel solutions need to be searched for in the future. Regarding the whole field of protocol reverse engineering, it is a prevalent problem that only very few implementations of tools and frameworks are publicly available.

Abstract: In his invited talk, joint between CHES 2016 and CRYPTO 2016 on the Future of Embedded Security, Paul Kocher suggested to move the security into chips because hardware is the lowest level and thus security cannot be compromised by a lower layer. In this paper, we propose a generic PUF-driven secure code execution architecture that employs instruction-level code encryption. Our design foresees a tight integration of a Physically Unclonable Function (PUF) and the decryption of encrypted program code directly inside the processor’s instruction pipeline to avert revealing keys or decrypted code in externally accessible registers or memory. The architecture prevents code-injection by executing only code encrypted for individual target CPUs, has an adaptable impact on performance, and requires only minor changes to the software development process. Our PUF-based code encryption also defends against reverse engineering attempts and enforces IP protection. A proof-of-concept implementation demonstrates the feasibility of our proposed architecture.

Abstract: Cooperative Intelligent Transportation Systems (cITS) are a promising technology to enhance driving safety and efficiency. Vehicles communicate wirelessly with other vehicles and infrastructure, thereby creating a highly dynamic and heterogeneously managed ad-hoc network. It is these network properties that make it a challenging task to protect integrity of the data and guarantee its correctness. A major component is the problem that traditional security mechanisms like PKI-based asymmetric cryptography only exclude outsider attackers that do not possess key material. However, because attackers can be insiders within the network (i.e., possess valid key material), this approach cannot detect all possible attacks. In this survey, we present misbehavior detection mechanisms that can detect such insider attacks based on attacker behavior and information analysis. In contrast to well-known intrusion detection for classical IT systems, these misbehavior detection mechanisms analyze information semantics to detect attacks, which aligns better with highly application-tailored communication protocols foreseen for cITS. In our survey, we provide an extensive introduction to the cITS ecosystem and discuss shortcomings of PKI-based security. We derive and discuss a classification for misbehavior detection mechanisms, provide an in-depth overview of seminal papers on the topic, and highlight open issues and possible future research trends.

Abstract: Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in March 2018 when a memcached-based attack peaked at 1.7 Tbps. Novel services built upon UDP increase the need for automated mitigation mechanisms that react to attacks without prior knowledge of the actual application protocols used. With the flexibility that software-defined networks offer, we developed a new approach for defending against DRDoS attacks; it not only protects against arbitrary DRDoS attacks but is also transparent for the attack target and can be used without assistance of the target host operator. The approach provides a robust mitigation system which is protocol-agnostic and effective in the defense against DRDoS attacks.

Lukaseder, Thomas; Ghosh, Shreya; Kargl, Frank

Mitigation of Flooding and Slow DDoS Attacks in a Software-Defined Network

Proceedings of the 43rd IEEE Conference on Local Computer Networks (Demo Track)

Abstract: Distributed denial of service (DDoS) attacks are a constant threat for services in the Internet. This year, the record for the largest DDoS attack ever observed was set at 1.7 Tbps. Meanwhile, detection and mitigation mechanisms are still lagging behind. Many mitigation systems require the assistance by the victim — or the victim’s administrator themself has to become active to mitigate attacks. We introduced a system that can detect attacks, identify attackers, and mitigate the attacks purely within the network infrastructure. With the improved flexibility of software-defined networks, new possibilities to mitigate such attacks can be implemented. In addition to our short paper on the mitigation of reflective DDoS attacks at LCN 2018 [3], we would also like to demonstrate our work on mitigating flooding attacks presented at LCN 2017 [1] and our mitigation of slow DDoS attacks [2]. In our demo, we show how these systems can be combined and how they work when faced with such different attacks.

Abstract: Protocol reverse engineering based on traffic traces allows the analysis of observable network messages. Thereby, message formats of unknown protocols can be inferred. We present a novel method to infer structure from network messages of binary protocols. The method derives field boundaries from the distribution of value changes throughout individual messages. None of many previous approaches exploits features of structure which are contained within each single message. Our method exploits this intrinsic structure instead of comparing multiple messages with each other. We implement our approach in the tool NEMESYS: NEtwork Message SYntax analysiS. Additionally, we introduce the Format Match Score: the first quantitative measure of the quality of a message format inference. We apply the Format Match Score to NEMESYS and a previous approach and compare the results to mutually validate our new format inference method and the measure of its quality.

Abstract: Slow-running attacks against network applications are often not easy to detect, as the attackers behave according to the specification. The servers of many network applications are not prepared for such attacks, either due to missing countermeasures or because their default configurations ignore such attacks. The pressure to secure network services against such attacks is shifting more and more from the service operators to the network operators of the servers under attack. Recent technologies such as software-defined networking offer the flexibility and extensibility to analyze and influence network flows without the assistance of the target operator. Based on our previous work on a network-based mitigation, we have extended a framework to detect and mitigate slow-running DDoS attacks within the network infrastructure, but without requiring access to servers under attack. We developed and evaluated several identification schemes to identify attackers in the network solely based on network traffic information. We showed that by measuring the packet rate and the uniformity of the packet distances, a reliable identifier can be built, given a training period of the deployment network.

van der Heijden, Rens W.; Lukaseder, Thomas; Kargl, Frank

VeReMi: A Dataset for Comparable Evaluation of Misbehavior Detection in VANETs

Proceedings of the 21st International Conference on Information Fusion

Publisher: IEEE,

July 2018

Abstract: The purpose of multi-source fusion is to combine information from more than two evidence sources, or subjective opinions from multiple actors. For subjective logic, a number of different fusion operators have been proposed, each matching a fusion scenario with different assumptions. However, not all of these operators are associative, and therefore multi-source fusion is not well-defined for these settings. In this paper, we address this challenge, and define multi-source fusion for weighted belief fusion (WBF) and consensus & compromise fusion (CCF). For WBF, we show the definition to be equivalent to the intuitive formulation under the bijective mapping between subjective logic and Dirichlet evidence PDFs. For CCF, since there is no independent generalization, we show that the resulting multi-source fusion produces valid opinions, and explain why our generalization is sound. For completeness, we also provide corrections to previous results for averaging and cumulative belief fusion (ABF and CBF), as well as belief constraint fusion (BCF), which is an extension of Dempster's rule. With our generalizations of fusion operators, fusing information from multiple sources is now well-defined for all different fusion types defined in subjective logic. This enables wider applicability of subjective logic in applications where multiple actors interact.

Abstract: For preserving privacy, blockchains can be equipped with dedicated mechanisms to anonymize participants. However, these mechanisms often take only the abstraction layer of blockchains into account whereas observations of the underlying network traffic can reveal the originator of a transaction request. Previous solutions either provide topological privacy that can be broken by attackers controlling a large number of nodes, or offer strong and cryptographic privacy but are inefficient up to practical unusability. Further, there is no flexible way to trade privacy against efficiency to adjust to practical needs. We propose a novel approach that combines existing mechanisms to have quantifiable and adjustable cryptographic privacy which is further improved by augmented statistical measures that prevent frequent attacks with lower resources. This approach achieves flexibility for privacy and efficiency requirements of different blockchain use cases.

Short research statement for the DSN Workshop on Byzantine Consensus and Resilient Blockchains (BCRB)

June 2018

Abstract: Privacy aspects of blockchains have gained attention as the log of transactions can be viewed by any interested party. Privacy mechanisms applied to the ledger can be undermined by attackers on the network level, resulting in deanonymization of the transaction senders. We discuss current approaches to this problem, e.g. Dandelion, sketch our own approach to provide even stronger privacy mechanisms and discuss the challenges and open questions for further research in this area.

Abstract: Stream-based graph systems continuously ingest graph-changing events via an established input stream, performing the required computation on the corresponding graph. While there are various benchmarking and evaluation approaches for traditional, batch-oriented graph processing systems, there are no common procedures for evaluating stream-based graph systems. We, therefore, present GraphTides, a generic framework which includes the definition of an appropriate system model, an exploration of the parameter space, suitable workloads, and computations required for evaluating such systems. Furthermore, we propose a methodology and provide an architecture for running experimental evaluations. With our framework, we hope to systematically support system development, performance measurements, engineering, and comparisons of stream-based graph systems.

Meißner, Dominik; Erb, Benjamin; Kargl, Frank; Tichy, Matthias

retro-λ: An Event-sourced Platform for Serverless Applications with Retroactive Computing Support

Proceedings of the 12th ACM International Conference on Distributed Event-Based Systems

Abstract: State changes over time are inherent characteristics of stateful applications. So far, there are almost no attempts to make the past application history programmatically accessible or even modifiable. This is primarily due to the complexity of temporal changes and a difficult alignment with prevalent programming primitives and persistence strategies. Retroactive computing enables powerful capabilities though, including computations and predictions of alternate application timelines, post-hoc bug fixes, or retroactive state explorations. We propose an event-driven programming model that is oriented towards serverless computing and applies retroaction to the event sourcing paradigm. Our model is deliberately restrictive, but therefore keeps the complexity of retroactive operations in check. We then introduce retro-λ, a runtime platform that implements the model and provides retroactive capabilities to its applications. While retro-λ only shows negligible performance overheads compared to similar solutions for running regular applications, it enables its users to execute retroactive computations on the application histories as part of its programming model.

Meißner, Dominik; Erb, Benjamin; Kargl, Frank

Poster: Performance Engineering in Distributed Event-sourced Systems

Proceedings of the 12th ACM International Conference on Distributed Event-Based Systems

Abstract: Distributed event-sourced systems adopt a fairly new architectural style for data-intensive applications that maintains the full history of the application state. However, the performance implications of such systems are not yet well explored, let alone how the performance of these systems can be improved. A central issue is the lack of systematic performance engineering approaches that take into account the specific characteristics of these systems. To address this problem, we suggest a methodology for performance engineering and performance analysis of distributed event-sourced systems based on specific measurements and subsequent, targeted optimizations. The methodology blends well into existing software engineering processes and helps developers to identify bottlenecks and to resolve performance issues. Using our structured approach, we improved an existing event-sourced system prototype and increased its performance considerably.

Erb, Benjamin; Meißner, Dominik; Ogger, Ferdinand; Kargl, Frank

Poster: Log Pruning in Distributed Event-sourced Systems

Proceedings of the 12th ACM International Conference on Distributed Event-Based Systems

Abstract: Event sourcing is increasingly used and implemented in event-based systems for maintaining the evolution of application state. However, unbounded event logs are impracticable for many systems, as it is difficult to align scalability requirements and long-term runtime behavior with the corresponding storage requirements. To this end, we explore the design space of log pruning approaches suitable for event-sourced systems. Furthermore, we survey specific log pruning mechanisms for event-sourced logs. In a brief evaluation, we point out the trade-offs when applying pruning to event logs and highlight the applicability of log pruning to event-sourced systems.

Abstract: Several data-intensive applications take streams of events as a continuous input and internally map events onto a dynamic, graph-based data model which is then used for processing. The differences between event processing, graph computing, as well as batch processing and near-realtime processing yield a number of specific requirements for computing platforms that try to unify these approaches. By combining an altered actor model, an event-sourced persistence layer, and a vertex-based, asynchronous programming model, we propose a distributed computing platform that supports event-driven, graph-based applications in a single platform. Our Chronograph platform concept enables online and offline computations on event-driven, history-aware graphs and supports different processing models on the evolving graph.

Abstract: Vehicles are the target of a rising number of hacking attacks. The integration of in-vehicle intrusion detection systems is a common approach to increase the overall system security. However, testing and evaluating these systems is difficult due to the lack of tools to generate realistic benign and malicious workloads as well as sharing these workloads with other researchers. Currently, testing tools are predominantly intended for Network Intrusion Detection System (NIDS) in company or industrial networks where their usefulness became apparent. Yet, in the automotive domain, development of testing tools is still in the early stages. Existing non-commercial automotive tools only focus on one specific bus technology each. However, in-vehicle communication exceeds bus technology boundaries and a testing tool must cover multiple technologies. We propose a framework architecture concept for in-vehicle NIDS testing and evaluation to enable the creation of realistic network traffic and attacks in consideration of automotive specific challenges. Our concept provides the opportunity to share data without additional anonymization effort therefore improving cooperation and reproducibility of testing results.

Abstract: An increasing number of distributed, event-based systems adopt an architectural style called event sourcing, in which entities keep their entire history in an event log. Event sourcing enables data lineage and allows entities to rebuild any previous state. Restoring previous application states is a straightforward task in event-sourced systems with a global and totally ordered event log. However, the extraction of causally consistent snapshots from distributed, individual event logs is rendered non-trivial due to causal relationships between communicating entities. High dynamicity of entities increases the complexity of such reconstructions even more. We present approaches for retrospective and global state extraction of event-sourced applications based on distributed event logs. We provide an overview on historical approaches towards distributed debugging and breakpointing, which are closely related to event log-based state reconstruction. We then introduce and evaluate our approach for non-local state extraction from distributed event logs, which is specifically adapted for dynamic and asynchronous event-sourced systems.

Abstract: Surveys indicate that users are often afraid to entrust data to cloud storage providers, because these do not offer sufficient privacy. On the other hand, peer-2-peer–based privacy-preserving storage systems like Freenet suffer from a lack of contribution and storage capacity, since there is basically no incentive to contribute own storage capacity to other participants in the network.
We address these contradicting requirements by a design which combines a distributed storage with a privacy-preserving blockchain-based payment system to create incentives for participation while maintaining user privacy. By following a Privacy-by-Design strategy integrating privacy throughout the whole system life cycle, we show that it is possible to achieve levels of privacy comparable to state-of-the-art distributed storage technologies, despite integrating a payment mechanism.
Our results show that it is possible to combine storage contracts and payments in a privacy-preserving way. Further, our system design may serve as an inspiration for future similar architectures.

2016

Erb, Benjamin; Kargl, Frank

Chronograph–A Distributed Platform for Event-Sourced Graph Computing

Proceedings of the Posters and Demos Session of the 17th International Middleware Conference

Abstract: Many data-driven applications require mechanisms for processing interconnected or graph-based data sets. Several platforms exist for offline processing of such data and fewer solutions address online computations on dynamic graphs. We combined a modified actor model, an event-sourced persistence layer, and a vertex-based, asynchronous programming model in order to unify event-driven and graph-based computations. Our distributed chronograph platform supports both near-realtime and batch computations on dynamic, event-driven graph topologies, and enables full history tracking of the evolving graphs over time.

Exploiting Propagation Effects for Authentication and Misbehavior Detection in VANETs

Proceedings of the 2016 IEEE Vehicular Networking Conference (VNC)

Publisher: IEEE,

December 2016

Abstract: Vehicular Ad-hoc Networks (VANETs) are a critical and potentially vulnerable target for attacks on both message integrity and authenticity. Existing approaches are based on computationally expensive digital signatures, which also create large message sizes due to the attachment of signatures and certificates to messages. This leads to high communication and verification overheads, both in terms of bandwidth and computational effort. In this paper we discuss an alternative approach to ensure message integrity using characteristics of the received signal for authentication and misbehavior detection.

Abstract: One of the current problems of peer-to-peer-based file storage systems like Freenet is missing participation, especially of storage providers. Users are expected to contribute storage resources but may have little incentive to do so. In this paper we propose KopperCoin, a token system inspired by Bitcoin’s blockchain which can be integrated into a peer-to-peer file storage system. In contrast to Bitcoin, KopperCoin does not rely on a proof of work (PoW) but instead on a proof of retrievability (PoR). Thus it is not computationally expensive and instead requires participants to contribute file storage to maintain the network. Participants can earn digital tokens by providing storage to other users, and by allowing other participants in the network to download files. These tokens serve as a payment mechanism. Thus we provide direct reward to participants contributing storage resources.

Abstract: The increasing availability of 10G Ethernet network capabilities challenges existing transport layer protocols. As 10G connections gain momentum outside of backbone networks, the choice of appropriate TCP congestion control algorithms becomes even more relevant for networked applications running in environments such as data centers.
Therefore, we provide an extensive overview of relevant TCP congestion control algorithms for high-speed environments leveraging 10G. We analyzed and evaluated six TCP variants using a physical network testbed, with a focus on the effects of propagation delay and significant drop rates.
The results indicate that of the algorithms compared, BIC is most suitable when no legacy variant is present; CUBIC is suggested otherwise.

Abstract: There are many high-speed TCP variants with different congestion control algorithms, which are designed for specific settings or use cases. Distinct features of these algorithms are meant to optimize different aspects of network performance, and the choice of TCP variant strongly influences application performance. However, setting up tests to help with the decision of which variant to use can be problematic, as many systems are not designed to deal with high bandwidths, such as 10 Gbps or more. This paper provides an overview of pitfalls and challenges of realistic network analysis to help in the decision making process.

Abstract: In large-scale disaster scenarios, efficient triage management is a major challenge for emergency services. Rescue forces traditionally respond to such incidents with a paper-based triage system, but technical solutions can potentially achieve improved usability and data availability. We develop a triage management system based on commodity hardware and software components to verify this claim. We use a single-hop, ad-hoc network architecture with multi-master replication, a tablet-based device setup and a mobile application for emergency services. We study our system in cooperation with regional emergency services and describe experiences from a field exercise. We show that state-of-the-art commodity technology provides the means necessary to implement a triage management system compatible with existing emergency service procedures, while introducing additional benefits. This work highlights that powerful real-world ad-hoc networking applications do not require unreasonable development effort, as existing tools from distributed systems, like replicating No-SQL databases, can be used successfully.

Abstract: The integrity of messages in vehicular ad-hoc networks has been extensively studied by the research community, resulting in the IEEE 1609.2 standard, which provides typical integrity guarantees. However, the correctness of message contents is still one of the main challenges of applying dependable and secure vehicular ad-hoc networks. One important use case is the validity of position information contained in messages: position verification mechanisms have been proposed in the literature to provide this functionality. A more general approach to validate such information is by applying misbehavior detection mechanisms. In this paper, we consider misbehavior detection by enhancing two position verification mechanisms and fusing their results in a generalized framework using subjective logic. We conduct extensive simulations using VEINS to study the impact of traffic density, as well as several types of attackers and fractions of attackers on our mechanisms. The obtained results show the proposed framework can validate position information as effectively as existing approaches in the literature, without tailoring the framework specifically for this use case.

Abstract: A basic reason for backend systems in mobile application architectures is the centralized management of state.
Mobile clients synchronize local states with the backend in order to maintain an up-to-date view of the application state.
As not all mobile social applications require strong consistency guarantees, we survey an alternative approach using special data structures for mobile applications. These data structures only provide eventual consistency, but allow for conflict-free replication between peers.
Our analysis collects the requirements of social mobile applications for being suitable for this approach. Based on exemplary mobile social applications, we also point out the benefits of serverless architecture or architectures with a thin backend layer.

Abstract: Privacy strategies and privacy patterns are fundamental concepts of the privacy-by-design engineering approach. While they support a privacy-aware development process for IT systems, the concepts used by malicious, privacy-threatening parties are generally less understood and known. We argue that understanding the "dark side", namely how personal data is abused, is of equal importance.
In this paper, we introduce the concept of privacy dark strategies and privacy dark patterns and present a framework that collects, documents, and analyzes such malicious concepts. In addition, we investigate from a psychological perspective why privacy dark strategies are effective.
The resulting framework allows for a better understanding of these dark concepts, fosters awareness, and supports the development of countermeasures. We aim to contribute to an easier detection and successive removal of such approaches from the Internet to the benefit of its users.

Abstract: Authenticating legitimate nodes is a major concern of the envisioned vehicular networks. To achieve this, standards and literature propose to use asymmetric cryptographic mechanisms which generate significant overheads in terms of time and power consumption. In this paper, we address this problem and we propose a novel idea of exploiting physical layer characteristics to rely on them for re-authenticating future beacons after verifying the first one cryptographically. Despite the challenges in such high mobility networks, possible concrete approaches to start the evaluation of our scheme are presented. Our approaches are inspired by the vehicular channel related work conclusions which give signs of future success to our scheme in this critical field.

Abstract: In the field of Vehicular Ad-hoc Networks (VANETs), traffic efficiency applications, such as traffic information systems, are particularly challenging, because they often require the dissemination of information within large geographic areas. Forwarding information over multiple hops is a necessity, and due to the amount of available information, the available wireless capacity is easily exhausted. In-network aggregation protocols are often used to cope with wireless channel restrictions. Their aim is to collaboratively create summaries of traffic information and other information items as information is disseminated within the network. But in-network aggregation is challenging from a security perspective: insider attackers may be able to alter not only their own observations but also modify already aggregated information, or they may introduce false aggregates. As a result, wrong routing decisions may be taken, or drivers may engage in dangerous driving maneuvers. Existing security mechanisms for in-network aggregation often introduce considerable additional overhead, resulting from cryptographic proofs, such as signatures. In this work, we follow a different approach: we design a resilient aggregation mechanism that leverages already existing communication redundancy and combines it with data consistency checks to identify and filter false aggregate information. Our security mechanism introduces limited additional overhead, and simulation results show that at least 20% attacker vehicles can be tolerated by our mechanism.

Abstract: Pseudonym certificates are the state-of-the-art approach for secure and privacy-friendly message authentication in vehicular ad-hoc networks. However, most of the proposed pseudonym schemes focus on privacy among participants. Privacy towards backend providers is usually (if at all) only protected by separation of responsibilities. The protection can be overridden when the entities collaborate, e.g. when revocation of long-term credentials is required. This approach puts the users' privacy at risk if the backend systems are not fully trusted. We propose PUCA, a scheme that provides full anonymity for honest users, even against colluding backend providers. The scheme uses anonymous credentials for authentication with the backend, while leaving the communication among vehicles and with road side units unchanged and in compliance with existing standards. For removal of misbehaving vehicles from the system, we leverage a privacy-friendly revocation mechanism that does not require resolution of pseudonyms. With our scheme, we demonstrate that strong and verifiable privacy protection in vehicular networks can be achieved, while fulfilling common security requirements, such as sybil-resistance and revocation.

Abstract: Inter-vehicle communication has attracted a lot of attention in the past. A major concern is the security and especially the integrity and authenticity of messages. Current standards and proposals in literature leverage asymmetric cryptographic mechanisms to achieve this, which is costly both in terms of consumed computational power, bandwidth, and introduced delay. We present a novel idea to use physical characteristics of the wireless channel to verify subsequent messages after initial trust in a first message has been established cryptographically. In this paper, we sketch the concept and provide a first evaluation on its potential for saving named resources.

Abstract: A persistent problem with program execution is its vulnerability to code injection attacks. Equally unsolved is the susceptibility of software to reverse engineering, which undermines code confidentiality. We propose an approach that solves both kinds of security problems by employing instruction-level code encryption combined with the use of a physical unclonable function (PUF). Our Secure Execution PUF-based Processor (SEPP) architecture is designed to minimize the attack surface, as well as the performance impact, and requires no significant changes to the software development process. Our approach supports distributed systems, as the secure execution environment need not be physically available to the developer.

Abstract: A persistent problem with program execution, despite numerous mitigation attempts, is its inherent vulnerability to the injection of malicious code. Equally unsolved is the susceptibility of firmware to reverse engineering, which undermines the manufacturer's code confidentiality. We propose an approach that solves both kinds of security problems employing instruction-level code encryption combined with the use of a physical unclonable function (PUF). Our novel Secure Execution PUF-based Processor (SEPP) architecture is designed to minimize the attack surface, as well as performance impact, and requires no significant changes to the development process. This is possible based on a tight integration of a PUF directly into the processor's instruction pipeline. Furthermore, cloud scenarios and distributed embedded systems alike inherently depend on remote execution; our approach supports this, as the secure execution environment need not be locally available at the developer's site. We implemented an FPGA-based prototype based on the OpenRISC Reference Platform. To assess our results, we performed a security analysis of the processor and evaluated the performance impact of the encryption. We show that the attack surface is significantly reduced compared to previous approaches while the performance penalty is at a reasonable factor of about 1.5.

Abstract: Distance bounding protocols (DBPs) are security protocols that aim to limit the maximum possible distance between two partners in a wireless communication. This makes it possible to ensure locality of interaction between two devices. Despite numerous proposed protocols, recent analyses of DBPs have shown the majority of them to be susceptible to attacks. Most prominent among the unsolved security problems of DBPs is terrorist fraud. This type of attack involves collaboration with a legitimate device, after which the attacker can successfully execute the protocol. We show how terrorist fraud can be prevented by replacing shared secrets - commonly used in classical DBPs - with physical unclonable functions (PUFs). Our new approach can be integrated in all current DBPs with minor modifications. We offer two alternate designs: One utilizing challenge-response PUFs and another using so-called SIMPL systems, a PUF-analogue to public-key cryptography. We use a security model proposed by previous work to demonstrate security of our scheme.

Abstract: Compared with standard information technology systems, industrial control systems show more consistent and regular communications patterns. This characteristic contributes to the stability of controlled processes in critical infrastructures such as power plants, electric grids and water treatment facilities. However, Stuxnet has demonstrated that skilled attackers can strike critical infrastructures by leveraging knowledge about these processes. Sequence attacks subvert infrastructure operations by sending misplaced industrial control system messages. This chapter discusses four main sequence attack scenarios against industrial control systems. Real Modbus, Manufacturing Message Specification and IEC 60870-5-104 traffic samples were used to test sequencing and modeling techniques for describing industrial control system communications. The models were then evaluated to verify the feasibility of identifying sequence attacks. The results create the foundation for developing "sequence-aware" intrusion detection systems.

Abstract: Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication aims to increase safety, efficiency, and comfort of drivers. Vehicles periodically broadcast their current status, such as position, velocity, and other information. Received information is stored in a local knowledge base, often called world model, and used for application decisions. Because of the potential impact, V2V communication is an interesting target for malicious attackers. Message integrity protection using cryptographic signatures only protects against outsider attackers. In addition to signatures, misbehavior detection mechanisms comparable to intrusion detection systems (IDS) are needed to detect insider attackers. Given the complexity and large number of foreseen V2V and V2I applications, misbehavior detection cannot be a one-size-fits-all solution. In this paper, we present a flexible framework that can combine a range of different misbehavior detection mechanisms by modeling their outputs using subjective logic. We demonstrate the feasibility of our framework by using a combination of existing detection mechanisms to increase their misbehavior detection results.

Abstract: This position paper proposes new challenges in data-centric misbehavior detection for vehicular ad-hoc networks (VANETs). In VANETs, which aim to improve safety and efficiency of road transportation by enabling communication between vehicles, an important challenge is how vehicles can be certain that messages they receive are correct. Incorrectness of messages may be caused by malicious participants, damaged sensors, delayed messages or they may be triggered by software bugs. An essential point is that due to the wide deployment in these networks, we cannot assume that all vehicles will behave correctly. This effect is stronger due to the privacy requirements, as those requirements include multiple certificates per vehicle to hide its identity. To detect these incorrect messages, the research community has developed misbehavior data-centric detection mechanisms, which attempt to recognize the messages by semantically analyzing the content. The detection of anomalous messages can be used to detect and eventually revoke the certificate of the sender, if the message was malicious. However, this approach is made difficult by rare events, such as accidents, which are essentially anomalous messages that may trigger the detection mechanisms. The idea we wish to explore in this paper is how attack detection may be improved by also considering the detection of specific types of anomalous events, such as accidents.

Abstract: The multitude of applications envisioned for vehicular ad-hoc networks (VANETs) requires efficient communication and dissemination mechanisms to prevent network congestion. In-network data aggregation promises to reduce bandwidth requirements and enable scalability in large vehicular networks. However, most existing aggregation schemes are tailored to specific applications and types of data. Proper comparative evaluation of different aggregation schemes is difficult. Yet, comparability is essential to properly measure accuracy, performance, and efficiency. We outline a modeling approach for VANET aggregation schemes to achieve objective comparability. Our modeling approach consists of three models, which provide different perspectives on an aggregation scheme. The generalized architecture model facilitates categorization of aggregation schemes. The aggregation information flow model supports analysis of where information is aggregated by a scheme. The aggregation state graph models how knowledge about the road network and its environment is represented by a scheme. Further, it facilitates error estimation with respect to the ground truth. We apply each modeling approach to existing aggregation schemes from the literature and highlight strengths, as well as weaknesses, that can be used as starting point for designing a more generic aggregation scheme.

Abstract: As information systems extensively exchange information between participants, privacy concerns may arise from its potential misuse. A Privacy by Design (PbD) approach considers privacy requirements of different stakeholders during the design and the implementation of a system. Currently, a comprehensive approach for privacy requirement engineering, implementation, and verification is largely missing. This paper extends current design methods by additional (formal) steps which take advantage of ontologies. The proposed extensions result in a systematic approach that better protects privacy in future information systems.

Kung, Antonio; Freytag, Johann-Christoph; Kargl, Frank

Privacy-by-Design in ITS Applications - The Way Forward

Second International Workshop on Data Security and PrivAcy in wireless Networks (D-SPAN 2011)